076e32a6cef5f20f24a6f41379ad925a_JaffaCakes118

General

Target

076e32a6cef5f20f24a6f41379ad925a_JaffaCakes118
Size

188KB
MD5

076e32a6cef5f20f24a6f41379ad925a
SHA1

d0c7513340f5190cab5e3d92e0f5baa818730105
SHA256

193885edf9f4e001526c3dd65a18501cd297d6bfb6a924ba44b7fb2a29592b4a
SHA512

35f7bd0bec79a8c97fd78f600c033542dbca9274eeafba473d9c718396342fe3617d216f7829be7c4f619cca52f4fff34c0663334cb26b34db2442fdb8f6c59b
SSDEEP

3072:tPAJXXX/sk9vQSw93/ES5gOhVv6gyLnwX1lPsBoaEJZJydSkuOncM9Bn3rg:tPePsk9IS6/EmgUCgWwV3cOMcM9B3r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
076e32a6cef5f20f24a6f41379ad925a_JaffaCakes118

Files

076e32a6cef5f20f24a6f41379ad925a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f76f78382b4268a8595228b770f09ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
AddAtomW
TlsAlloc
TlsSetValue
GetCommandLineA
GetCurrentProcess
RaiseException
GetDiskFreeSpaceA
SetUnhandledExceptionFilter
GetTickCount
TlsFree
GetVersion
GetVersionExA
CloseHandle
GetModuleHandleW
GetComputerNameA
GetFileType
TlsGetValue
GlobalMemoryStatus
EnumResourceNamesA
GetProcessHeap
SetHandleCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcessId
RtlUnwind
HeapFree
RegisterWaitForSingleObject
GetStartupInfoA
GetModuleFileNameA
DeviceIoControl
GetLocalTime
GetStdHandle
HeapAlloc
SetLastError
QueryPerformanceCounter
InterlockedExchange

msvcrt

_amsg_exit
_ismbblead
_XcptFilter
__setusermatherr
_cexit
__set_app_type
exit
_acmdln
_initterm
__p__commode
__getmainargs
_exit
?terminate@@YAXXZ
_vsnwprintf
_vsnprintf
__p__fmode
memset
_controlfp

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f76f78382b4268a8595228b770f09ef

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 84KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 84KB

.reloc
Size: 1024B - Virtual size: 132KB